• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Apache Ambari - What's New in 1.2.5
 

Apache Ambari - What's New in 1.2.5

on

  • 1,404 views

 

Statistics

Views

Total Views
1,404
Views on SlideShare
1,402
Embed Views
2

Actions

Likes
2
Downloads
44
Comments
0

1 Embed 2

https://twitter.com 2

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment
  • Simple method for creating a self-signed certificate…1. Create a Private Keysudoopensslgenrsa -des3 -out server.key 10242. Generate a CSR (Certificate Signing Request) sudoopensslreq -new -key server.key -out server.csr3. Generating a Self-Signed Certificatesudoopenssl x509 -req -days 365 -in server.csr -signkeyserver.key -out server.crt

Apache Ambari - What's New in 1.2.5 Apache Ambari - What's New in 1.2.5 Presentation Transcript

  • © Hortonworks Inc. 2013 Apache Ambari 1.2.5 August 2013 Page
  • © Hortonworks Inc. 2013 What’s New in Ambari 1.2.5 • Manage Kerberos Secure Cluster • Customizable Dashboard Widgets • Improved Service Controls • Expanded Host Checks • Reduced “root” requirements • Core Security Enhancements –Setup Ambari Server HTTPS –Master Key Property Encryption –Optional Server-Agent SSL Communication –Optional Ganglia and Nagios SSL Page 2
  • © Hortonworks Inc. 2013 Manage Kerberos Secured Cluster Page 3 • Run “Security Wizard” • Download-able CSV of necessary principals & keytabs • Applies configuration properties and restarts Services
  • © Hortonworks Inc. 2013 Customizable Dashboard Widgets Page 4
  • © Hortonworks Inc. 2013 Improved Service Controls • Start All and Stop All Service Controls • Live Component Status Page 5
  • © Hortonworks Inc. 2013 Expanded Host Checks • During “cluster install” or add hosts”, more host checks and script-able report /var/lib/ambari-agent/data/hostcheck.result Page 6
  • © Hortonworks Inc. 2013 Reduced “root” requirements • Run “Ambari Server” as root or non-root account Page 7 AMBARI SERVER AMBARI WEB RDBMS root or non-root HADOOP AMBARI AGENT HOS T AMBARI AGENT HOS T AMBARI AGENT HOS T AMBARI AGENT HOS T AMBARI AGENT HOS T AMBARI AGENT HOS T AMBARI AGENT HOS T AMBARI AGENT HOS T Run as…
  • © Hortonworks Inc. 2013 Ambari Server HTTPS Page 8 • Configure SSL for Ambari • Provide Certificate during “setup”
  • © Hortonworks Inc. 2013 Learn More Page 9 Resource Location Apache Ambari Project Page http://incubator.apache.org/ambari/ Mailing Lists http://incubator.apache.org/ambari/mail-lists.html Ambari Wiki https://cwiki.apache.org/confluence/display/AMBARI Ambari JIRA https://issues.apache.org/jira/browse/AMBARI
  • © Hortonworks Inc. 2013 Appendix Two-Way SSL for Server-Agent Communication Page 10
  • © Hortonworks Inc. 2013 Secure Server-Agent Communication Page 11 Ambari Server Ambari Agent 11) Agent Heartbeat Begins 1) Connect on Handshake port 8441 4) Sign Agent Cert 2) Download Server Cert 6) Connect on Registration port 8440 7) Perform 2WAY auth using Agent Cert 10) Complete Host Registration Agent Host 8) Get FQDN 9) Register host 3) Request to Sign Agent Cert 5) Download Agent Cert + Disconnect
  • © Hortonworks Inc. 2013 Flow Details Page 12 Operation Description 1 Connect on Handshake port 8441 Ambari Agent connects to Ambari Server on the handshake port. 2 Download Server Certificate Ambari Agent downloads the Server Certificate. 3 Request to sign Agent Certificate Ambari Agent requests for Ambari Server to sign the Agent Certificate. 4 Sign Agent Cert Ambari Server signs Agent Certificate with password. 5 Download Agent Cert and Disconnect Ambar Agent downloads Agent Certificate and disconnects. 6 Connect on Registration port 8440 Ambari Agent connects to Ambari Server on the registration port. 7 Perform 2WAY auth using Agent Cert 2WAY authentication between Agent and Server. 8 Get FQDN Ambari Agent host gets the Fully Qualified Domain Name (FQDN) for the Agent host. Note: (8a) In case the host has multiple hostnames, use the host script to echo the hostname to use for registration. 9 Register Host Using the FQDN, the Agent host registers with the Ambari Server. 10 Complete Host Registration Ambari Server completes the host registration by adding the host to the Ambari DB. 11 Agent Heartbeat Begins Ambari Agent starts heartbeat to Ambari Server, checking for commands to execute.